Hey guys. The company I work for is having an issue when RDPing to servers. The self-signed certs on the servers as well as the various web interfaces (PBX, AV console, etc.) are either expired or untrusted and are throwing errors when we connect to their corresponding machines. I was tasked with getting our certificates up to scratch. The method that was decided on was to use an Enterprise Certificate Authority to remedy the issue as well as establish a long-term solution.
I have established the CA server using a Server 2012 R2 installation. The CA has been configured, and templates were configured for computers, servers, DCs and Remote Desktop connection. All of the systems in the domain have already requested and received their certificates. GPOs have been configured to allow all clients to store the Root Cert in their Trusted Store.
...